[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 2 08:20:00 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5502a12f by Salvatore Bonaccorso at 2024-01-02T09:19:30+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,113 +1,113 @@
 CVE-2024-0186 (A vulnerability classified as problematic has been found in HuiRan Hos ...)
-	TODO: check
+	NOT-FOR-US: HuiRan Host Reseller System
 CVE-2024-0185 (A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1. ...)
-	TODO: check
+	NOT-FOR-US: RRJ Nueva Ecija Engineer Online Portal
 CVE-2024-0184 (A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1. ...)
-	TODO: check
+	NOT-FOR-US: RRJ Nueva Ecija Engineer Online Portal
 CVE-2024-0183 (A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1. ...)
-	TODO: check
+	NOT-FOR-US: RRJ Nueva Ecija Engineer Online Portal
 CVE-2024-0182 (A vulnerability was found in SourceCodester Engineers Online Portal 1. ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Engineers Online Portal
 CVE-2023-49142 (in OpenHarmony v3.2.2 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2023-49135 (in OpenHarmony v3.2.2 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2023-48360 (in OpenHarmony v3.2.2 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2023-47857 (in OpenHarmony v3.2.2 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2023-47216 (in OpenHarmony v3.2.2 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2023-43514 (Memory corruption while invoking IOCTLs calls from user space for inte ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43512 (Transient DOS while parsing GATT service data when the total amount of ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-43511 (Transient DOS while parsing IPv6 extension header when WLAN firmware r ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33120 (Memory corruption in Audio when memory map command is executed consecu ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33118 (Memory corruption while processing Listen Sound Model client payload b ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33117 (Memory corruption when HLOS allocates the response payload buffer to c ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33116 (Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33114 (Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_ ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33113 (Memory corruption when resource manager sends the host kernel a reply  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33112 (Transient DOS when WLAN firmware receives "reassoc response" frame inc ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33110 (The session index variable in PCM host voice audio driver initialized  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33109 (Transient DOS while processing a WMI P2P listen start command (0xD00A) ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33108 (Memory corruption in Graphics Driver when destroying a context with KG ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33094 (Memory corruption while running VK synchronization with KASAN enabled.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33085 (Memory corruption in wearables while processing data from AON.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33062 (Transient DOS in WLAN Firmware while parsing a BTM request.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33040 (Transient DOS in Data Modem during DTLS handshake.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33038 (Memory corruption while receiving a message in Bus Socket Transport Se ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33037 (Cryptographic issue in Automotive while unwrapping the key secs2d and  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33036 (Permanent DOS in Hypervisor while untrusted VM without PSCI support ma ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33033 (Memory corruption in Audio during playback with speaker protection.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33032 (Memory corruption in TZ Secure OS while requesting a memory allocation ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33030 (Memory corruption in HLOS while running playready use-case.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33025 (Memory corruption in Data Modem when a non-standard SDP body, during a ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-33014 (Information disclosure in Core services while processing a Diag comman ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-32891 (In bluetooth service, there is a possible out of bounds write due to i ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32890 (In modem EMM, there is a possible system crash due to improper input v ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32889 (In Modem IMS Call UA, there is a possible out of bounds write due to a ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32888 (In Modem IMS Call UA, there is a possible out of bounds write due to a ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32887 (In Modem IMS Stack, there is a possible system crash due to a missing  ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32886 (In Modem IMS SMS UA, there is a possible out of bounds write due to a  ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32885 (In display drm, there is a possible memory corruption due to a missing ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32884 (In netdagent, there is a possible information disclosure due to an inc ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32883 (In Engineer Mode, there is a possible out of bounds write due to a mis ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32882 (In battery, there is a possible memory corruption due to a missing bou ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32881 (In battery, there is a possible information disclosure due to an integ ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32880 (In battery, there is a possible information disclosure due to a missin ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32879 (In battery, there is a possible out of bounds write due to a missing b ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32878 (In battery, there is a possible information disclosure due to a missin ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32877 (In battery, there is a possible out of bounds write due to a missing b ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32876 (In keyInstall, there is a possible information disclosure due to a mis ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32875 (In keyInstall, there is a possible information disclosure due to a mis ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32874 (In Modem IMS Stack, there is a possible out of bounds write due to a m ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32872 (In keyInstall, there is a possible out of bounds write due to a missin ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2023-32831 (In wlan driver, there is a possible PIN crack due to use of insufficie ...)
-	TODO: check
+	NOT-FOR-US: Mediatek
 CVE-2024-0181 (A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1. ...)
 	NOT-FOR-US: RRJ Nueva Ecija Engineer Online Portal
 CVE-2023-6485 (The Html5 Video Player WordPress plugin before 2.5.19 does not sanitis ...)
@@ -43619,7 +43619,7 @@ CVE-2023-28585 (Memory corruption while loading an ELF segment in TEE Kernel.)
 CVE-2023-28584 (Transient DOS in WLAN Host when a mobile station receives invalid chan ...)
 	NOT-FOR-US: Qualcomm
 CVE-2023-28583 (Memory corruption when IPv6 prefix timer object`s lifetime expires whi ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-28582
 	RESERVED
 CVE-2023-28581 (Memory corruption in WLAN Firmware while parsing receieved GTK Keys in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5502a12f1926099803582654e90969d4e9c0ad2b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5502a12f1926099803582654e90969d4e9c0ad2b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240102/1de96a9a/attachment.htm>

More information about the debian-security-tracker-commits mailing list